Friday, February 25, 2011

Nullcon HackIM 2011 CTF Writeup - Levels 0-4

Level 0 :

Initially no hints were provided for level 0 to level 2.

Started off trying blank and admin/admin, admin/password and other common combinations. Still no luck, hence as the next option I decided to look into the source code for hidden clues. The only word in the source code which caught my attention was action="level-0-proc.php", hence I tried replacing "level-0.php" with "level-0-proc.php".

Voila...... got the congratulations and moved to Level 1.

Hint: I just wanna say one word to you.. just one word. firebug. or you could just mind your 'action'

Level 1 :

Title says Another Idiot Test, hence I looked for hidden clues in the source code and found the below-mentioned encrypted text down in the source.

A wild guess on checking if ROT13 might help made me try the below mentioned:

Well, what more to do other than try the newfound level 2 password. Time to move to level 3.

Hint: elePHPant arriveS - Courtesy PHPCamp Pune'11 (Hint published loooooooong after I cleared off the level, late late hint :D)

Level 3:

my lisa, SmIth and me, Playing a game of words with thee,

Go eat your shorts you worm, as we lost to your fake treachery

My lisa, trivia, made me narrow down to Melissa since they have also mentioned a worm and Melissa fits in properly. A simple Google search made me land on the Wikipedia page of Melissa and the author name looked interesting.

Kwyjibo. Yes, you guessed it right, it's the password to level 4.

Level 4:

Script It!

First Number = 0 Second Number = 0

Answer = First Number + Second Number + Previous Answer + Product of First Number and Second Number

After This ==> First Number + 1 & Second Number + 2

Final Answer will be the value of 'Answer' when First Number = 31337

Digging on the source gave me U3RhcnQgd2l0aCBQcmV2aW91cyBBbnN3ZXIgPSBGMQ==

A quick online Hex 64 converter gave me the hint in clear text "Start with Previous Answer = F1". Searching for the value of F1 made me search on ASCII values and later landed on the F1 race which gave 241 as the maximum speed reached by McLaren.

So here is the Python code which made me move across to Level 5 with ease.
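The script itself did not survive on this page. The following is an added example, not the author's original code: it decodes the Base64 hint and runs the Level 4 recurrence as stated above, starting from the post's value of 241 (which is also 0xF1 in decimal), then cross-checks the loop against a closed form. The function names are my own, and it assumes the step at First Number = 31337 is included in the final answer.

```python
import base64

# Hint string copied from the page source quoted in the post.
HINT_B64 = "U3RhcnQgd2l0aCBQcmV2aW91cyBBbnN3ZXIgPSBGMQ=="
START = 241     # starting "Previous Answer" used in the post (0xF1 == 241)
TARGET = 31337  # stop condition given by the challenge text


def decode_hint(blob=HINT_B64):
    """Decode the Base64 hint found in the page source."""
    return base64.b64decode(blob).decode("ascii")


def iterate(target=TARGET, start=START):
    """Run the recurrence literally.

    Assumption: the step where First Number == target is included.
    """
    first, second, answer = 0, 0, start
    while first <= target:
        # Answer = First + Second + Previous Answer + First * Second
        answer = first + second + answer + first * second
        first += 1   # First Number + 1
        second += 2  # Second Number + 2
    return answer


def closed_form(n=TARGET, start=START):
    """Same result without looping.

    Second is always 2 * First, so step a adds 3a + 2a^2.
    Summing for a = 0..n gives 3n(n+1)/2 + n(n+1)(2n+1)/3.
    Both divisions are exact for integer n.
    """
    return start + 3 * n * (n + 1) // 2 + n * (n + 1) * (2 * n + 1) // 3


if __name__ == "__main__":
    print(decode_hint())
    result = iterate()
    # The loop and the closed form must agree, or one of them is wrong.
    assert result == closed_form()
    print(result)
```
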